Hiring .NET Developers in Washington DC
Tuesday, May 7, 2013 9:32 AM

My company, Thycotic Software is hiring for .NET Developers. 

Thycotic - available positions

This is a great opportunity - competitive salary, great benefits, awesome developers and fun problems to solve - you will be challenged!



Visit Thycotic on Facebook. Also check out these Thycotic reviews.

oAuth versus Application Keys
Tuesday, February 19, 2013 7:37 PM

I have not spent hours reading standards for interacting with websites.  However I did recently have to integrate with various services across a few projects:  MailChimp, GoToWebinar (citrixonline) and LinkedIn.

The easiest to integrate with from simple C# / .NET code was definitely MailChimp.  Their API has a simple REST interface and they provide application keys in their Admin dashboard that you can create and then use in your integration (this is basically a simple “password” that is tied to your application and you can revoke the key if necessary).  For typical backend plumbing/integration work this is perfect … you authenticate simply from your script or code and then do the work of the integration (adding data, pulling data, whatever).

Now let’s talk about oAuth … so I get it, the user needs to give their permission for your app to act on their behalf.  And here we have the first #fail … GoToWebinar has implemented this model although I am willing to bet the vast majority of their integrations are really just backend plumbing (grab a list of available webinars and show them on our website, etc.)  Using oAuth in this environment is really the wrong fit and is painful – but they provide no alternative.  That said, once you have done all the gyrations for user tokens, at least the actual API calls are just REST and make for simple code.  The biggest problem is that the oAuth access token will expire (after about a year I think per GoToWebinar docs in which case a human has to do the whole process to get things working again … yikes).

Next I got to try out integration with LinkedIn … in this case oAuth did actually make sense for me, since my use case did require permission from the user (not just plumbing work).  Unfortunately the API is just not simple – the description of the authentication process in the LinkedIn docs is confusing and doesn’t really explain all the bits about AccessRequestToken, AccessRequestTokenSecret, OAuthAccessToken, OAuthAccessTokenSecret and OAuthAccessRequestVerifier.  Then the second killer is it just isn’t simple to call the API due to all the signature generation required (nonce, timestamp, etc.)  I used the oAuth code from here which made it easier but still not simple.

It seems like API developers need to be careful about which route they choose (for the typical use case) and how simple these things are to use… 

Whatever happened to “Make it is as simple as possible and no simpler”?

Visit my company, Thycotic on Facebook. Thycotic is also hiring and check out these Thycotic reviews.

Hiring for TDD .NET engineers in Washington DC
Tuesday, February 19, 2013 6:56 PM

Thycotic/LogicBoost is hiring for .NET engineers at our office in downtown Washington DC.  This is a team that has been doing Test Driven Development and Pair Programming since 2004 (very mature agile team).  This is an amazing environment to work with great engineers in a team-based atmosphere (free lunches on Wednesdays, loads of personal development and learning is at our core).

Take the code test to apply.


Thycotic/LogicBoost is hiring for a Senior .NET TDD Developer in Washington DC
Friday, November 9, 2012 8:16 AM
This is really quite a unique team - very smart developers who really work together as a team - using pair programming and test driven development. Lots of room for technical growth and a technical career. Small company - 20+ employees. Hiring is only for full time employees onsite at our offices in downtown Washington DC. http://www.thycotic.com/career_tdddeveloper.html
Thycotic/LogicBoost is hiring for a UI Engineer/Developer
Tuesday, March 20, 2012 9:01 AM
Here is the posting:

Thycotic was recently named one of the 10 Best Tech companies to work for in 2012
First night at Business of Software 2011 in Boston!
Sunday, October 23, 2011 11:23 PM
I have finally made it to this conference after several years of conflicts with other shows. Registered, got my attendee bag - some nice books (too bad I have some of them already). Met some founders already and had some good conversations. I am going to drive my team batty when I get back to DC with all these ideas! http://www.businessofsoftware.org
by thycotic | with no comments
Secret Server 7.4 released–password management for IT Admins
Monday, May 2, 2011 6:30 PM

We have just released Secret Server 7.4 – this is an ASP.NET based web application with a SQL Server backend for storing passwords for IT Admins, DBAs and even developer teams.  Get rid of that spreadsheet and start using a robust password vault designed for teams.  It can be used to store server passwords, provide web-based password management, or even automatically change network passwords.

The important of transparency in development
Saturday, April 16, 2011 12:11 PM
David talks about the value of transparency in development.
Easy SQL totals and other Aggregates with rollup and cube
Thursday, March 31, 2011 11:32 AM

David talks about SQL totals and aggregates using rollup and cube.



Jonathan Cogley is the CEO of Thycotic Software Ltd, a Washington DC based company who make the web-based password manager Secret Server.

Do websites need to be experienced exactly the same in every web browser?
Monday, March 14, 2011 3:31 PM

Jimmy has a new post about browser compatibility on websites and how to think about it from a developer and business perspective.


Jonathan Cogley is the CEO of Thycotic Software Ltd, a Washington DC based company who make the web-based password manager Secret Server.

More Posts Next page »

This Blog